Intel, Georgia Tech work to mitigate machine learning deception
Santa Clarita, CA-based Intel and the Georgia Institute of Technology (Georgia Tech) announced on April 9 that they have been selected to lead a Guaranteeing Artificial Intelligence (AI) Robustness against Deception (GARD) program team for the Defense Advanced Research Projects Agency (DARPA). Intel is the prime contractor in this four-year, multimillion-dollar joint effort to improve cybersecurity defenses against deception attacks on machine learning (ML) models.
“Intel and Georgia Tech are working together to advance the ecosystem’s collective understanding of and ability to mitigate against AI and ML vulnerabilities. Through innovative research in coherence techniques, we are collaborating on an approach to enhance object detection and to improve the ability for AI and ML to respond to adversarial attacks,” said Jason Martin, principal engineer at Intel Labs and principal investigator for the DARPA GARD program from Intel.
While rare, adversarial attacks attempt to deceive, alter or corrupt the ML algorithm interpretation of data. As AI and ML models are increasingly incorporated into semi-autonomous and autonomous systems, it is critical to continuously improve the stability, safety and security of unexpected or deceptive interactions. For example, AI misclassifications and misinterpretations at the pixel level could lead to image misinterpretation and mislabeling scenarios, or subtle modifications to real-world objects could confuse AI perception systems. GARD will help AI and ML technologies become better equipped to defend against potential future attacks.
Current defense efforts are designed to protect against specific pre-defined adversarial attacks, but remain vulnerable to attacks when tested outside their specified design parameters. GARD intends to approach ML defense differently – by developing broad-based defenses that address the numerous possible attacks in given scenarios that could cause an ML model to misclassify or misinterpret data. Due to its broad architectural footprint and security leadership, Intel is uniquely positioned to help drive innovations in AI and ML technology with a significant stake in the outcome.
The goal of the GARD program is to establish theoretical ML system foundations that will not only identify system vulnerabilities and characterize properties to enhance system robustness, but also promote the creation of effective defenses. Through these program elements, GARD aims to create deception-resistant ML technologies with stringent criteria for evaluating their effectiveness.
In the first phase of GARD, Intel and Georgia Tech are enhancing object detection technologies through spatial, temporal and semantic coherence for both still images and videos. Intel is committed to driving AI and ML innovation and believes that working with skilled security researchers across the globe is a crucial part of addressing potential security vulnerabilities for the broader industry and our customers.